According to previous announcements, a year after the acquisition of Comodo Group by Francisco Partners, on November 1 Comodo CA announced that from now on it is changing its brand to Sectigo [pronounced. sec-tee-go]. The goal of rebranding is consistency in company communication and better dedication to what Comodo is doing now.

The European Union Agency for Network and Information Security (ENISA), which is the center of knowledge about cyber security in Europe, organizes as every year in October the European Cyber Security Month. The campaign is starting in a few days. What is its purpose and how can you participate in it?

General Data Protection Regulation (GDPR) is a 99-article regulation meant to protect the private data of Europeans in IT systems. Announced in 2016, covers a broad variety of topics and will go into effect as a requirement on May 25, 2018. GDPR applies to any company doing business in Europe even if it is located elsewhere.

Recently, Symantec announced that DigiCert, the leading provider of enterprise PKI encryption solutions, has acquired Symantec's Website Security and related PKI. In response to changes in browser visibility, Symantec provides an option to re-issue SSL certificates with new infrastructure in this area, working with Digicert. Certificates will work the same way, only the backbone of encryption strings is changing.

As of March 1, 2018, Certification Authorities will cease issuing 3-year SSL certificates for OV and DV validation. Re-issue after February 28, 2018 will be valid for no longer than 27 months, regardless of the original period. If you use certificates issued for 10 years and re-issue them, the CA will be forced to shorten their validity period.

SiteLock is an extremely effective tool in the fight against malware. It scans the web for malware every day, and if it detects it immediately removes it before it causes serious problems. SiteLock gives you full visibility of changes that take place on the page - informs you of any modifications to the file.

On September this year we have talked about the obligation for SSL certificate issuers to verify the CAA in client DNS records requesting SSL since September 8, 2017. If you are a webmaster now, there is an additional tool in your hands to protect you from invalid certificate issuance.

In accordance with the requirements of the CA / Browser Forum starting 8 September 2017, SSL certificate issuers will verify the CAA records in the DNS records of clients applying for SSL certificates.

If you run a online business, you are sure to use Google AdWords. Perhaps this is one of the main traffic sources on your site, so the last message you want to see is "Your account has been suspended ...". And yet, you can expect it if your site is not SSL-secured.

WoSign – one of the largest digital certificate provider in China, the owner of Israeli certificate authority (CA) StartCom – recently faced problems with Mozilla. It has all started after various security incidents, including issue of SSL/TLS certificates for primary GitHub domains to subdomain owner.

For 4.65 billion dollars Symantec - the market leader in cyber-security holding branches in more than 40 countries around the world - took over Blue Coat - a company from the same industry, but with a different specialization. What are the reasons for this acquisition?

Starting 1st of August 2016, Comodo and DomenySSL will no longer offer SGC variants of certificates. As your account has a valid SGC certificate which will be up for renewal in the future, the company has prepared a list of recommended alternatives.

Companies that use the free SSL Certificates for their own websites should rethink that choice. Security company "Trend Micro" indicates that a free SSL Certificate doesn't guarantee the security of the site.

On its official blog Firefox developer team announced that they're going to focus their efforts on intent to phase out HTTP for HTTPS. That means Firefox is taking serious steps forward to fully encrypte and make the Internet a safer place.

OpenSSL released four patches for new security vulnerabilities found in OpenSSL versions 1.0.1 and 0.9.8. These patches fix a total of eight vulnerabilities, two of which are rated moderate and the others are considered low risk.

One of the largest providers of in-flight Internet service is accused of using methods similar to man-in-the-middle attacks. The company issued fake SSL certificates. Gogo explained that they were intended primarily for transmitting and downloading heavy files.

The Heartbleed Bug also known as CVE-2014-0160 is a vulnerability within the OpenSSL cryptographic software library that enables all the SSL/TLS protected information to be stolen under normal conditions.

First day of CeBIT 2014 is behind us! Thanks to all visitors who came to talk about Internet security and ways to assure safety during online activity. That was great day full of meetings and other events such as a TV interview

As many of our clients know, purchasing SSL from a hosting provider can be very expensive. In order to overcome those ridiculous prices and purchase the SSL certificate of your choice we took the time to write this general guide to installing 3rd Party SSL.

Since the Edward Snowden leaks internet privacy has become somewhat of a difficult subject to discuss. It has come to light that the NSA along with the other agencies (FBI, CIA etc.) have enabled access to our personal lives, which in return, has given us a big brother sense of insecurity. In order regain that sense of security we lost months ago I will briefly discuss 5 easy ways to keep your personal information private.

Many clients often ask us if there is a solution to secure a website along with its sub-domains. The quick and easy answer is yes. A Wildcard SSL certificate does exactly that, by definition a Wildcard certificate will secure the main domain and any sub-domains

As a whole SSLGURU.com always tries to provide the most update security advice to our clients, so today we are going to discuss some of the duties that content owners and publishers have in order to properly store and transmit their customer’s data. It has been proven that if a customer believes that their data is safe then they will be more inclined to shop and spend online. In order for industry standard s to improve it is important that website protection is “vendor-neutral, easy to implement, and globally accessible.” Every website owner should integrate the best security practices into the web design and implementation and this includes the use of SSL.

Encryption key management for SSL is the process of successfully securing and managing the private key. The private key is the tool that is used to decrypt the information that is received from anyone who has access to the public key. For example if an end-user purchases an item from amazon.com their browser would encrypt the personal information (credit card, address etc.) using the Amazon’s public key, and once that information is received by the Amazon server it would be decrypted by their private key. Because of the unique feature of the private key essentially the most important aspect of SSL and therefore should be securely stored and managed. Below I have discussed a few ways to success store and manage a private key.

As many of you may know Google recently detected a TLS/SSL certificate that was created by the Ministry of France and used as “a commercial device, on a private network, to inspect encrypted traffic with the knowledge of the end users.” In general there is no application on the public internet that would require such a certificate and the use of this type of intermediate certificate does create many security related problems such as “internet traffic routing, domain name resolution and the possibility of an unconstrained trusted intermediate CA certificate.”

Great news was released to us couple weeks ago from the Microsoft company. They confirmed that their products get encryption e-mail messages in Office 365. The users got appendix in the quarter of 2014 and it would be available for each user for free.

BYOD (Bring Your Own Device) is the new phenomenon spreading across the world. Workers are more and more often using their personal devices such as smartphones and laptops for attaching to corporate networks. According to Virgin Media Business reaserch it is increasingly common practice. In 2012 51% of corporate networks in UK have already been compromised by this practice. Smaller companies are particularly vulnerable for those kind of threats.

A weak roots are defined as a keys long less than 1024-bits. No connections with these short encryption keys are dedicated to increase the protection of users and also moving from the Internet old and unsafe tools to a stronger encryption length.

A summary report of Internet security threats in 2011 reveals that SSL certificates are still accepted by IT specialists as one of the basic elements of e-data protection. Symantec warns: 232 million identity has been stolen in 2011.

WhiteHat Security specialists alert for increased hackers activity and big amount of affected sites. It turns out that criminals become more efficient and the owners have still weak security on their pages.

Companies using our SSL certificates:

We accept

All the SSL certificates we offer are issued by Certification Authorities that meet the standard WebTrust specified by The American Institute of Certified Public Accountants and Canadian Institute of Chartered Accountants.